queues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's producer captures and enqueues arbitrary incoming HTTP request data (see fetch in src/index.ts that records request.url/headers) and the consumer reads and processes batch.messages.map(msg => msg.body) (then forwards them to env.UPSTREAM_API_URL or logs/stores DLQ entries), so it clearly ingests and interprets untrusted, user-provided content.